Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 12 articles for you...
100
security advisorySuSEremote accessSUSE: hawk2 Important Security Update CVE-2025-55193,61919 2026:20091-1
An update that solves two vulnerabilities and has two fixes can now be installed.. # Security update for hawk2 Announcement ID: SUSE-SU-2026:20091-1 Release Date: 2026-01-13T12:46:40Z Rating: important References: * bsc#1230275 * bsc#1247899 * bsc#1248100 * bsc#1251939 Cross-References: * CVE-2025-55193 * CVE-2025-61919 CVSS scores: * CVE-2025-55193 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-55193 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-55193 ( NVD ): 2.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-61919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61919 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61919 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server High Availability Extension 16.0 An update that solves two vulnerabilities and has two fixes can now be installed. ## Description: This update for hawk2 fixes the following issues: * Bump ruby gem rack to 3.1.18 (bsc#1251939). * Bump ruby gem uri to 1.0.4. * Fix the mtime in manifest.json (bsc#1230275). * Make builds determinitstic (bsc#1230275). * Bump rails version from 8.0.2 to 8.0.2.1 (bsc#1248100). * Require openssl explicitly (bsc#1247899). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server High Availability Extension 16.0 zypper in -t patch SUSE-SLES-HA-16.0-134=1 ## Package List: * SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le s390x x86_64) *hawk2-debuginfo-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 * hawk2-debugsource-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 * hawk2-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55193.html * https://www.suse.com/security/cve/CVE-2025-61919.html * https://bugzilla.suse.com/show_bug.cgi?id=1230275 * https://bugzilla.suse.com/show_bug.cgi?id=1247899 * https://bugzilla.suse.com/show_bug.cgi?id=1248100 * https://bugzilla.suse.com/show_bug.cgi?id=1251939 . Addressing two vulnerabilities in hawk2 with an important SUSE update ensures system protection and reliability.. hawk2 security update, SUSE vulnerability management, important security fixes, remote access patch. . Severity: Important. LinuxSecurity.com Team
Jan 20, 2026
•Important
SuSE
100
security advisorySuSEpatchSUSE: hawk2 Important Update CVE-2025-55193, CVE-2025-61919
An update that solves two vulnerabilities and has two fixes can now be installed.. # Security update for hawk2 Announcement ID: SUSE-SU-2026:20093-1 Release Date: 2026-01-13T12:39:59Z Rating: important References: * bsc#1230275 * bsc#1247899 * bsc#1248100 * bsc#1251939 Cross-References: * CVE-2025-55193 * CVE-2025-61919 CVSS scores: * CVE-2025-55193 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-55193 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-55193 ( NVD ): 2.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-61919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61919 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61919 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities and has two fixes can now be installed. ## Description: This update for hawk2 fixes the following issues: * Bump ruby gem rack to 3.1.18 (bsc#1251939). * Bump ruby gem uri to 1.0.4. * Fix the mtime in manifest.json (bsc#1230275). * Make builds determinitstic (bsc#1230275). * Bump rails version from 8.0.2 to 8.0.2.1 (bsc#1248100). * Require openssl explicitly (bsc#1247899). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-134=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * hawk2-debuginfo-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 *hawk2-debugsource-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 * hawk2-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55193.html * https://www.suse.com/security/cve/CVE-2025-61919.html * https://bugzilla.suse.com/show_bug.cgi?id=1230275 * https://bugzilla.suse.com/show_bug.cgi?id=1247899 * https://bugzilla.suse.com/show_bug.cgi?id=1248100 * https://bugzilla.suse.com/show_bug.cgi?id=1251939 . Security update for hawk2 addresses two key issues in SUSE Linux. Immediate patching is advised to maintain system integrity.. SUSE Linux,hawk2 security update,important patch 2026,software vulnerabilities,system security measures. . Severity: Important. LinuxSecurity.com Team
Jan 20, 2026
•Important
SuSE
202
security advisorysecurity issuebug fixopenSUSE: hawk2 Important 2026:20025-1 Fixes 2 Issues and Bug Fixes
An update that solves 2 vulnerabilities and has 4 bug fixes can now be installed.. openSUSE security update: security update for hawk2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20025-1 Rating: important References: * bsc#1230275 * bsc#1247899 * bsc#1248100 * bsc#1251939 Cross-References: * CVE-2025-55193 * CVE-2025-61919 CVSS scores: * CVE-2025-55193 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-55193 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-61919 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 4 bug fixes can now be installed. Description: This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 (bsc#1251939). - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json (bsc#1230275). - Make builds determinitstic (bsc#1230275). - Bump rails version from 8.0.2 to 8.0.2.1 (bsc#1248100). - Require openssl explicitly (bsc#1247899). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-134=1 Package List: - openSUSE Leap 16.0: hawk2-2.7.0+git.1742310530.bfcd0e2c-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2025-55193.html * https://www.suse.com/security/cve/CVE-2025-61919.html . Update for openSUSE Leap 16.0 fixing 2 issues in hawk2, including security vulnerabilities and 4 bug fixes now available.. openSUSE update, hawk2 security fix, important patch, software vulnerabilities, Linux patches. . Severity:Important. LinuxSecurity.com Team
Jan 15, 2026
•Important
OpenSUSE
202
security advisoryupdateCSRFopenSUSE 15.5: SUSE-SU-2024:0077-1 Moderate: hawk2 XSS Patch
This update for hawk2 fixes the following issues: Fixed HttpOnly secure flag by default (bsc#1216508). Fixed CSRF in errors_controller.rb protection (bsc#1216571).. # Security update for hawk2 Announcement ID: SUSE-SU-2024:0076-1 Rating: moderate References: * bsc#1206217 * bsc#1207930 * bsc#1208533 * bsc#1213454 * bsc#1215438 * bsc#1215976 * bsc#1216508 * bsc#1216571 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP1 * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.0 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.0 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager RetailBranch Server 4.3 * SUSE Manager Server 4.0 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has eight security fixes can now be installed. ## Description: This update for hawk2 fixes the following issues: * Fixed HttpOnly secure flag by default (bsc#1216508). * Fixed CSRF in errors_controller.rb protection (bsc#1216571). Update to version 2.6.4+git.1702030539.5fb7d91b: * Fix mime type issue in MS windows (bsc#1215438) * Parametrize CORS Access-Control-Allow-Origin header (bsc#1213454) * Tests: upgrate tests for ruby3.2 (tumbleweed) (bsc#1215976) * Upgrade for ruby3.2 (tumbleweed) (bsc#1215976) * Forbid special symbols in the category (bsc#1206217) * Fix the sass-rails version on ~5.0 (bsc#1208533) * Don't delete the private key if the public key is missing (bsc#1207930) * make-sle155-compatible.patch . No bsc, it's for backwards compatibility. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2024-76=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP1 zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-76=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) *hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP1 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1206217 * https://bugzilla.suse.com/show_bug.cgi?id=1207930 * https://bugzilla.suse.com/show_bug.cgi?id=1208533 *https://bugzilla.suse.com/show_bug.cgi?id=1213454 * https://bugzilla.suse.com/show_bug.cgi?id=1215438 * https://bugzilla.suse.com/show_bug.cgi?id=1215976 * https://bugzilla.suse.com/show_bug.cgi?id=1216508 * https://bugzilla.suse.com/show_bug.cgi?id=1216571 . This new release for eagle4 tackles security concerns such as XSS weaknesses and enhancements to Secure flag settings. Discover additional details!. hawk2 Update, OpenSUSE Security, CSRF Protection. . LinuxSecurity.com Team
Jan 10, 2024
OpenSUSE
100
security advisorymoderatesecurity fixSUSE: 2024:0076-1 moderate: hawk2 security vulnerability patch
* bsc#1206217 * bsc#1207930 * bsc#1208533 * bsc#1213454 * bsc#1215438 . # Security update for hawk2 Announcement ID: SUSE-SU-2024:0076-1 Rating: moderate References: * bsc#1206217 * bsc#1207930 * bsc#1208533 * bsc#1213454 * bsc#1215438 * bsc#1215976 * bsc#1216508 * bsc#1216571 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP1 * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.0 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.0 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.0 * SUSE Manager Server 4.1 * SUSE ManagerServer 4.2 * SUSE Manager Server 4.3 An update that has eight security fixes can now be installed. ## Description: This update for hawk2 fixes the following issues: * Fixed HttpOnly secure flag by default (bsc#1216508). * Fixed CSRF in errors_controller.rb protection (bsc#1216571). Update to version 2.6.4+git.1702030539.5fb7d91b: * Fix mime type issue in MS windows (bsc#1215438) * Parametrize CORS Access-Control-Allow-Origin header (bsc#1213454) * Tests: upgrate tests for ruby3.2 (tumbleweed) (bsc#1215976) * Upgrade for ruby3.2 (tumbleweed) (bsc#1215976) * Forbid special symbols in the category (bsc#1206217) * Fix the sass-rails version on ~5.0 (bsc#1208533) * Don't delete the private key if the public key is missing (bsc#1207930) * make-sle155-compatible.patch . No bsc, it's for backwards compatibility. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2024-76=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP1 zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-76=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-76=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 *hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP1 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debugsource-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 * hawk2-debuginfo-2.6.4+git.1702030539.5fb7d91b-150000.3.39.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1206217 * https://bugzilla.suse.com/show_bug.cgi?id=1207930 * https://bugzilla.suse.com/show_bug.cgi?id=1208533 * https://bugzilla.suse.com/show_bug.cgi?id=1213454 * https://bugzilla.suse.com/show_bug.cgi?id=1215438 *https://bugzilla.suse.com/show_bug.cgi?id=1215976 * https://bugzilla.suse.com/show_bug.cgi?id=1216508 * https://bugzilla.suse.com/show_bug.cgi?id=1216571 . The recent falcon2 enhancement addresses several mid-tier issues within SUSE Linux environments. For further information, click here.. hawk2 Security Update, SUSE Maintenance, Linux System Patching, High Availability Extensions. . LinuxSecurity.com Team
Jan 10, 2024
SuSE
202
security advisorysecurity issueupdateopenSUSE 15.2: SUSE-SU-2021:0473-1 Critical: Hawk2 Security Issues
An update that solves two vulnerabilities and has one errata is now available. . openSUSE Security Update: Security update for hawk2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0473-1 Rating: important References: #1179999 #1182165 #1182166 Cross-References: CVE-2020-35459 CVE-2021-25314 CVSS scores: CVE-2020-35459 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-35459 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25314 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for hawk2 fixes the following issues: - Update to version 2.6.3: * Remove hawk_invoke and use capture3 instead of runas (bsc#1179999)(CVE-2020-35459) * Remove unnecessary chmod (bsc#1182166)(CVE-2021-25314) * Sanitize filename to contains whitelist of alphanumeric (bsc#1182165) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-473=1 Package List: - openSUSE Leap 15.2 (x86_64): hawk2-2.6.3+git.1614684118.af555ad9-lp152.2.18.1 hawk2-debuginfo-2.6.3+git.1614684118.af555ad9-lp152.2.18.1 hawk2-debugsource-2.6.3+git.1614684118.af555ad9-lp152.2.18.1 References: https://www.suse.com/security/cve/CVE-2020-35459.html https://www.suse.com/security/cve/CVE-2021-25314.html https://bugzilla.suse.com/1179999 https://bugzilla.suse.com/1182165 https://bugzilla.suse.com/1182166 . This release addresses critical vulnerabilities in eagle-eye for openSUSE Leap 15.2, mitigating two major risks.. openSUSE Updates,Hawk2 Security,Software Patches. . Severity: Important. LinuxSecurity.com Team
Mar 25, 2021
•Important
OpenSUSE
100
security advisorysystem integrityfixesSUSE: 2021:0943-1 Important Hawk2 Update Critical Fixes
An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for hawk2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0943-1 Rating: important References: #1179999 #1182165 #1182166 Cross-References: CVE-2020-35459 CVE-2021-25314 CVSS scores: CVE-2020-35459 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-35459 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25314 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise High Availability 12-SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for hawk2 fixes the following issues: - Update to version 2.6.3: * Remove hawk_invoke and use capture3 instead of runas (bsc#1179999)(CVE-2020-35459) * Remove unnecessary chmod (bsc#1182166)(CVE-2021-25314) * Sanitize filename to contains whitelist of alphanumeric (bsc#1182165) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP3: zypper in -t patch SUSE-SLE-HA-12-SP3-2021-943=1 Package List: - SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64): hawk2-2.6.3+git.1614685906.812c31e9-2.42.1 hawk2-debuginfo-2.6.3+git.1614685906.812c31e9-2.42.1 hawk2-debugsource-2.6.3+git.1614685906.812c31e9-2.42.1 References: https://www.suse.com/security/cve/CVE-2020-35459.html https://www.suse.com/security/cve/CVE-2021-25314.html https://bugzilla.suse.com/1179999 https://bugzilla.suse.com/1182165 https://bugzilla.suse.com/1182166 . SUSE Security Patch for hawk2 addresses vulnerabilities and significantly bolsters system protection effectively with critical enhancements ready for deployment.. SUSE Hawk2 Update, Important Security Patch, SUSE Security Fix. . Severity: Important. LinuxSecurity.com Team
Mar 24, 2021
•Important
SuSE
100
security advisoryupdatethreatSUSE: 2021:0942-1 Important: Hawk2 Security Update Critical Issues
An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for hawk2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0942-1 Rating: important References: #1179999 #1182165 #1182166 Cross-References: CVE-2020-35459 CVE-2021-25314 CVSS scores: CVE-2020-35459 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-35459 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25314 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise High Availability 12-SP5 SUSE Linux Enterprise High Availability 12-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for hawk2 fixes the following issues: - Update to version 2.6.3: * Remove hawk_invoke and use capture3 instead of runas (bsc#1179999)(CVE-2020-35459) * Remove unnecessary chmod (bsc#1182166)(CVE-2021-25314) * Sanitize filename to contains whitelist of alphanumeric (bsc#1182165) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 12-SP5: zypper in -t patch SUSE-SLE-HA-12-SP5-2021-942=1 - SUSE Linux Enterprise High Availability 12-SP4: zypper in -t patch SUSE-SLE-HA-12-SP4-2021-942=1 Package List: - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64): hawk2-2.6.3+git.1614685906.812c31e9-3.30.1 hawk2-debuginfo-2.6.3+git.1614685906.812c31e9-3.30.1 hawk2-debugsource-2.6.3+git.1614685906.812c31e9-3.30.1 - SUSELinux Enterprise High Availability 12-SP4 (ppc64le s390x x86_64): hawk2-2.6.3+git.1614685906.812c31e9-3.30.1 hawk2-debuginfo-2.6.3+git.1614685906.812c31e9-3.30.1 hawk2-debugsource-2.6.3+git.1614685906.812c31e9-3.30.1 References: https://www.suse.com/security/cve/CVE-2020-35459.html https://www.suse.com/security/cve/CVE-2021-25314.html https://bugzilla.suse.com/1179999 https://bugzilla.suse.com/1182165 https://bugzilla.suse.com/1182166 . SUSE has issued a crucial Security Update for hawk2, targeting serious vulnerabilities in the application. Clear installation instructions are available for users to apply the update smoothly. SUSE Security Update, Hawk2 Patch, Critical Issues. . Severity: Important. LinuxSecurity.com Team
Mar 24, 2021
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!